%20%E8%B7%AF%E5%BE%84%E4%B8%BA%20%5C%5C.%5C.%5C.png)
我正在通过 procmon 捕获尝试分析一个问题,我有大约四十行如下所示的内容:
0.700867755 Explorer.EXE 10480 CreateFile \\.\.\ SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened \\.\.\
0.700867755 Explorer.EXE 10480 FileSystemControl \\.\.\ SUCCESS Control: CSC_FSCTL_OPERATION_QUERY_HANDLE \\.\.\
0.700867755 Explorer.EXE 10480 FileSystemControl \\.\.\ SUCCESS Control: CSC_FSCTL_OPERATION_QUERY_HANDLE \\.\.\
0.700867755 Explorer.EXE 10480 CloseFile \\.\.\ SUCCESS \\.\.\
0.700867766 Explorer.EXE 10480 CreateFile \\.\.\ SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened \\.\.\
0.700867766 Explorer.EXE 10480 FileSystemControl \\.\.\ SUCCESS Control: CSC_FSCTL_OPERATION_QUERY_HANDLE \\.\.\
0.700867766 Explorer.EXE 10480 FileSystemControl \\.\.\ SUCCESS Control: CSC_FSCTL_OPERATION_QUERY_HANDLE \\.\.\
0.700867766 Explorer.EXE 10480 CloseFile \\.\.\ SUCCESS \\.\.\
\\.\.\路径表示什么?它看起来像一个相对路径,但我以前从未在 Procmon 输出中看到过相对路径。